Cybersecurity researchers discovered five malicious Rust crates on crates.io between late February and early March 2026 that exfiltrated .env files to attacker infrastructure, according to a technical analysis by Socket.
KEY FACTS
- Incident: Five malicious Rust crates published to crates.io
- Packages: chrono_anchor, dnp3times, time_calibrator, time_calibrators, time-sync
- Method: Exfiltration of .env files to a lookalike domain, timeapis[.]io
- Timeline: Published late February to early March 2026
- Mitigation: Packages removed from crates.io
The five crates posed as time utilities and advertised local time calibration without NTP. The packages were presented as developer tools and used a lookalike domain for data staging. Evidence in the report includes use of the same exfiltration methodology across all packages.
One package, chrono_anchor, embeds exfiltration logic in a file named “guard.rs” that is invoked from an optional sync helper to avoid raising suspicion. The malicious code does not install persistence on hosts but attempts repeated exfiltration when invoked by developer workflows and CI jobs.
The crates targeted .env files, which commonly store API keys, tokens and other secrets. The packages were removed from crates.io. Users who downloaded them should assume possible secret exposure, rotate keys and tokens, audit CI/CD jobs that run with publish or deploy credentials, and limit outbound network access where possible.
An automated campaign also targeted CI/CD pipelines, using an AI-powered bot called hackerbot-claw to scan public repositories for misconfigured GitHub Actions, fork repositories, open pull requests that triggered CI builds and steal secrets, according to a StepSecurity blog post on hackerbot-claw. One high-profile target was Aqua Security’s Trivy repository, and a malicious VS Code extension was pushed to Open VSX that executed local AI coding assistants to collect data. The incident is tracked under CVE-2026-28353.
WHY IT MATTERS
Malicious development dependencies and automated CI exploits can expose developer secrets and enable downstream supply chain compromise. Organizations should block or vet dependencies before execution and apply controls to reduce secret exposure in developer environments and CI jobs.

